What is ransomware?
Ransomware is an advanced piece of malware that blocks the victim’s access to their own files.
There are two types of ransomware in circulation:
- Encrypting ransomware, which incorporates advanced encryption algorithms. It’s designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CryptoWall and more.
- Locker ransomware, which locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker.
The most widespread type of ransomware is crypto-ransomware or encrypting ransomware. The cyber security community agrees that this is the most prominent and worrisome cyber threat of the moment.
Ransomware has some key characteristics that set it apart from other malware:
- It features unbreakable encryption, which means that you can’t decrypt the files on your own (although there are various decryption tools released by cyber security researchers – more on that later);
- It has the ability to encrypt all kinds of files, from documents to pictures, videos, audio files and other things you may have on your PC;
- It can scramble your file names, so you can’t know which data was affected. This is one of the social engineering tricks used to confuse and coerce victims into paying the ransom;
- It will add a different extension to your files, sometimes to signal a specific ransomware strain;
- It will display an image or a message that lets you know your data has been encrypted and that you have to pay a specific sum of money to get it back;
- It requests payment in Bitcoins because this crypto-currency cannot be tracked by cyber security researchers or law enforcement agencies;
- Usually, the ransom payments have a time-limit which adds another level of psychological constraint to this extortion scheme. Going over the deadline typically means that the ransom will increase, but it can also mean that the data will be destroyed and lost forever.
- It uses a complex set of evasion techniques to go undetected by traditional anti-virus.
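Two of the characteristics above, encrypted content and a changed file extension, are things a defender can check for on a backup or file share. The script below is an added example, not part of the original post; the 7.5 bits-per-byte threshold, the extension list, the function names and the sample files are assumptions made for this illustration.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Formats that are already compressed, so high entropy is normal for them (assumed list).
COMPRESSED = {".zip", ".gz", ".jpg", ".png", ".mp3", ".mp4", ".pdf", ".docx", ".xlsx"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for encrypted or compressed data, lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspicious_files(root, threshold=7.5, sample=65536):
    """Return sorted relative paths of files that look encrypted: near-random
    content stored under an extension where that is not expected."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix.lower() in COMPRESSED:
            continue
        with open(path, "rb") as fh:
            head = fh.read(sample)  # the first 64 KiB is enough for an estimate
        if shannon_entropy(head) >= threshold:
            hits.append(path.relative_to(root).as_posix())
    return sorted(hits)

def build_demo(root):
    """Constructed sample data: two normal files and one simulated encrypted file."""
    root = Path(root)
    (root / "notes.txt").write_bytes(b"meeting notes, nothing secret\n" * 200)
    (root / "photo.jpg").write_bytes(os.urandom(8192))           # stands in for a real image
    (root / "report.docx.locked").write_bytes(os.urandom(8192))  # made-up appended extension
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(suspicious_files(build_demo(tmp)))
```

A sudden jump in the number of flagged files between two runs is a reason to stop the next backup sync before it overwrites good copies.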
Encrypting ransomware is a complex and advanced cyber threat which uses all the tricks available because it makes cyber criminals a huge amount of money. We’re talking millions!
We are not going to go any deeper here, or it would be too much for one day.
15 Items to Check if You Want To Keep Your System Safe From Ransomware
Please take the threat of ransomware seriously and do something about it before it hits your data.
1. Don’t store important data only on your PC.
2. Have 2 backups of your data: on an external hard drive and in the cloud – Dropbox/Google Drive/etc.
4. Keep your operating system and the software that you use up to date, including the latest security updates.
5. For daily use, don’t use an administrator account on your computer. Use a guest account with limited privileges.
6. Turn off the macros in the Microsoft Office suite – Word, Excel, PowerPoint, etc.
In the browser
8. Adjust your browsers’ security and privacy settings for increased protection.
10. Use an ad-blocker to avoid the threat of potentially malicious ads.
These are the precautions you can take locally on your computer, but you also need to take steps for online protection.
- Never open spam emails or emails from unknown senders.
- Never download attachments from spam emails or suspicious emails.
- Never click links in spam emails or suspicious emails.
You must use a reliable, paid antivirus product that includes an automatic update module and a real-time scanner.
How to get your data back without paying the ransom
There are hundreds of types of ransomware out there, but cyber security researchers are working around the clock to break the encryption that at least some of them use. Unfortunately, the most notorious families have proven to be unbreakable so far. In spite of this, there are many other cryptoware strains that are not that well coded and which specialists were able to crack.
Stay safe, stay informed and stay happy 🙂